In 2017, JPMorgan Chase deployed a machine learning system called COiN — Contract Intelligence — to review commercial loan agreements. The result: 360,000 hours of annual legal work reduced to seconds. That's not a rounding error. That’s a structural shift in how a heavily regulated institution manages compliance documentation at scale.
Finance figured this out first. The rest of regulated industry is still catching up.
What Happened on Wall Street
JPMorgan’s COiN system wasn’t built because document review was annoying. It was built because reviewing 12,000 commercial credit agreements annually — each one dense with covenants, obligations, and error-prone manual interpretation — represented a massive operational liability. Errors in contract review create regulatory exposure. Delays create business friction. Both cost money.
COiN uses machine learning to parse contracts, extract key data points, flag deviations from standard terms, and surface exceptions for attorney review. What previously required lawyers and loan officers to work through documents line by line now runs in seconds. According to reporting from Bloomberg and the ABA Journal (2017), the system processes those 12,000 documents and saves an estimated 360,000 work hours per year.
This wasn’t a proof of concept. It went into production. It scales. It’s auditable. And it was deployed at one of the most regulated financial institutions in the world — an institution that operates under OCC oversight, Federal Reserve supervision, and a compliance regime that would make most pharma regulatory teams feel at home.
JPMorgan didn’t stop there. By 2024, the bank estimated the total value of its AI deployment at $1–1.5 billion in productivity improvements and cost reduction, with AI-powered KYC (Know Your Customer) file processing on track to scale from ~155,000 files processed in 2022 to 230,000 by 2025. (Source: Bank for International Settlements, FSI Insights, 2024.)
Goldman Sachs has pursued similar efficiency gains — deploying AI tools internally to accelerate contract analysis, risk documentation, and research summarization. A 2024 Bain survey of financial services firms found companies averaging ~20% productivity improvements from AI deployments, with the gains concentrated in document-heavy workflows.
What This Actually Means
Here’s what Wall Street understood that most regulated industries haven’t internalized yet:
Document review isn’t just a cost center. It’s a compliance risk surface.
Every manual review cycle is an opportunity for inconsistency, error, missed deadlines, and regulatory exposure. When a human reviews the 11,000th page in a submission package, they’re not as sharp as they were on page one. AI doesn’t have that problem.
The financial services industry also had a forcing function that other regulated sectors are still waiting for: competitive pressure. Banks that could close loans faster, review contracts more accurately, and scale their compliance operations without proportional headcount growth outcompeted those that couldn’t.
In medtech, pharma, healthcare, and energy — the forcing function is coming. Regulatory bodies are starting to move. And the companies that have already built the muscle will have a structural advantage when the window opens.
The Translation: What This Looks Like in Your Industry
Medtech — 510(k) Submissions and DHF Documentation
A 510(k) submission can run hundreds to thousands of pages. Design History Files (DHFs) are living documents that accumulate across a product’s lifecycle. AI document review tools can cross-reference predicate device comparisons, flag missing sections against FDA checklists, and identify inconsistencies between test protocols and summary claims — before the submission hits FDA reviewers. In January 2025, FDA published draft guidance on AI-enabled device software functions (Docket FDA-2024-D-4488), acknowledging that AI is being integrated into both the products and the development processes of medical devices. The regulatory infrastructure is being built in real time.
Pharma — Regulatory Submissions and GxP Validation
An NDA or BLA submission package can exceed 100,000 pages across multiple modules. GxP validation documentation — protocols, reports, deviations, CAPAs — creates an enormous compliance documentation burden that compounds with every study. FDA published draft guidance in January 2025 on AI use in regulatory decision-making for drug products (Docket FDA-2024-D-4689), noting that CDER had already reviewed over 500 submissions with AI components between 2016 and 2023. The FDA is not ignorant of this space. They’re building their own AI literacy. Sponsors who show up with AI-assisted submissions that are more complete, more consistent, and better organized will have a different experience with reviewers.
Healthcare — Clinical Documentation and Prior Auth
Clinical documentation burden is well-documented: physicians spend an estimated 2 hours on EHR work for every 1 hour of patient care. AI scribes and documentation tools are in active deployment across health systems. Prior authorization — which requires pulling clinical notes, coding records, and payer criteria into a coherent package — is a near-perfect AI document review use case. The manual friction here doesn’t just cost money; it delays patient care.
Energy — NERC CIP Compliance Documentation
NERC CIP compliance requires utilities to maintain extensive documentation of cybersecurity controls, asset inventories, configuration changes, and evidence of policy adherence. Audit packages can take months to assemble. AI tools that can continuously monitor documentation completeness, flag gaps against current CIP standards, and generate audit-ready evidence summaries are moving from pilots to production at forward-leaning utilities.
Three Steps for the Director Who Wants to Move on This
You’re not a startup. You can’t just deploy a tool and see what happens. Here’s how to build the case and execute:
Step 1: Find your COiN moment. Identify one document-intensive workflow where volume, consistency requirements, and review burden are all high. Not “all our documentation” — one workflow. 510(k) predicate comparison. CAPA documentation review. Prior auth package assembly. Pick the one where a 20% time reduction would actually change something operationally. Make the baseline measurable before you start.
Step 2: Run a bounded pilot with real regulatory validity. The biggest mistake regulated-industry AI pilots make is treating AI output as a black box. Don’t. Pilot tools that maintain full audit trails, support human-in-the-loop review, and produce outputs you can validate against your existing quality system. Document the validation approach before you run the pilot. This is what makes it approvable to Legal, QA, and Regulatory — and what makes the results credible when you present them upward.
Step 3: Frame the risk correctly. The approval conversation in regulated industries usually gets stuck on “what if the AI makes a mistake.” The correct response is: “Compared to what?” Manual review has an error rate. Manual review has a capacity ceiling. Manual review doesn’t scale. Your job is to put the risk of not automating on equal footing with the risk of automating — and then show the controls. Finance had this conversation in 2015-2017. You’re having it now.
What’s Coming Next Week
Wall Street moved fast on document review because the business case was obvious. But financial services also operates under a principle that most regulated industries are still treating as optional: AI systems must be explainable, auditable, and justifiable to regulators.
Next issue: How the “explainability” requirement in regulated AI isn’t a constraint — it’s actually your competitive moat. And what FDA’s draft guidance on AI in regulatory submissions means for how you build your validation strategy right now.